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(54) information communication device, intormation communication system and computer 
program product for transmission control 



(57) An aspect of the present invention provides an 
infomriation communication device for transmitting elec- 
tronic data encrypted for the purpose of copyright pro- 
tection, the device includes that an identification infor- 
mation managing unit configured to hold device identi- 
fication Infonnation in connection with other infomriation 
communication devices acquired through a network, an 
ID registration processing unit configured to register the 
device identification infomnation of another communica- 
tion device when the other ccmnunication device satis- 



fies a predetermined distance condition or when com- 
mon identification infomnation that Is held by both infor- 
mation communication devices is received from a port- 
able device, and an authentication and key exchange 
processing unit configured to, for the purpose of copy- 
right protection, complete authentication and key ex- 
change process (AKE process) only when another In- 
formation communication device whose devk:e identifi- 
cation Infomnation is registered in the identifteation In- 
formation managing unit. 
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Description 

CROSS REFERENCE TO RELATED APPLICATIONS 

[0001] This application claims benefit of priority under 5 
36 use 11 9 based on Japanese Patent Applications No. 
P2003-1 94491 filed on July 9t^ 2003, and No. 
P2003-406359 filed on December 4*^, 2003. the entire 
contents of which are Incorporated by reference herein. 
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BACKGROUND OF THE INVENTION 

1 . Field of the Invention 

[0002] The present invention relates to an information is 
communication device, infomriation communication sys- 
tem, and transmission control program for sending and 
receiving electronic data that requires copyright protec- 
tion between a sending device and a receiving device. 

20 

2. Description of Related Art 

[0003] The number of so-called digital infonnation 
electric products is increasing and the popularity of 
these products is expected to spread with start of digital 2s 
broadcasting. These products Include such items as tel- 
evisions compatible with digital broadcasting, digital 
VTRs, DVD players, hard disk recorders, and various 
other products that handle digital data and digital con- 
tent. 30 
[0004] One of the problems that must be addressed 
as these products become more widespread is the issue 
of copyright protection forthe content. While digital data 
is advantageous in that it can be copied without degrad- 
ing in quality, it has the disadvantage of being easy to 35 
copy illicitly. 

[0005] Consequently, systems compliant with IEEE 
1394, i.e.. digital networks that connect digital AV (au- 
diovisual) devices together, are provided with functions 
for authentcation, key exchange, and data encryption. 40 
[0006] Consider a hypothetical situation in which AV 
data requiring copyright protection is to be transmitted 
from a sending device to a receiving device. In such a 
situation, rt is Important for the copyright protection to 
be contrived in such a manner that an Individual (or, in 45 
a broader Interpretation, a family) can enjoy handling the 
AV data without being hindered by the copyright protec- 
tion so long as the handling does not involve exchanging 
the AV data with other parties or the payment of listen- 
ing/viewing fees or copyright royalties. so 
[0007] DTCP (digital transmission content protection) 
is a known system for providing copyright protection on 
networks. DTCP has become a de facto standard cop- 
yright protection method for use with IEEE 1394 and 
USE. With DTCP, authentication and key exchange ss 
processing is executed between the sending devk:e and 
the receiving device with respect to the AV data or other 
content requiring copyright protection and the AV data 



is transmitted in an encrypted manner (see http://www. 
dtcp.com).. 

[0008] Generally, copyright protection in a transmis- 
sion system involves transmitting AV data using the fol- 
lowing processing steps. First, commands for sending 
and receiving AV data are Issued between the sending 
device and the receiving device. For example, the re- 
ceiving device issues the playback command (which is 
one of the AV control commands) to the sending device. 
[0009] Next, the AV data is encrypted for copyright 
protection and transmission of the AV data from the 
sending device to the receiving device commences. Be- 
fore or after the transmission, authentication and key ex- 
change processing for the copyright protection Is exe- 
cuted between the sending device and the receiving de- 
vce. If the authentication and key exchange processing 
is successful, it becomes possible for the AV data en- 
cryption key to be shared by the sending device and the 
receiving device or for the sending device and receiving 
device to calculate an encryption key and the receiving 
device decrypts and plays back the received encrypted 
AV data. If the AV data transmission is conducted using ' 
an internet protocol (IP), various web applications can 
be linked and web browsers and other assets can be 
utilized so that various network configurations can be 
accommodated. 

[0010] For this reason, an IP (more specifically, IPv4 
or IPv6) is often used as the protocol for transmitting AV 
data that has been compressed using MPEG or the like. 
Still more specifically, such protocols as RTP (real time 
transport protocol) and HTTP (hypertext transport pro- 
tocol) are used. 

[001 1 ] However, with an IP, a security problem arises 
because I P packets can be transmitted regardless of the 
specific network configuration. Consequently, there are 
IP technologies, such as VPN (virtual private network), 
for connecting remote IP networks together logically. 
When one of these technologies is used, IP packets can 
be transmitted between a home network of a person X 
in a district A and a home network of a person Y in a 
district B (which Is physically distant from the district A) 
over the VPN or the like. In other words, the home net- 
work of the person X and the home network of the per- 
son Y can be operated as though they are a single home 
network. 

[0012] Regarding copyright protection, copying and 
the like of AV data are allowed within the realm of indi- 
vidual enjoyment but other parties are not allowed to 
copy the AV data. However, by using one of the tech- 
nologies just mentioned (e.g., VPN technology), it is 
possible to make the networks of different individuals 
appear logically as a single network (that is, it Is possible 
to configure the networks as a single network) and there 
is the possibility that devices that vfolate copyright laws 
will became available. 
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SUMMARY OF THE INVENTION 

[001 31 An aspect of the present invention provides an 
infomnation communication device fortransnnitting elec- 
tronic data encrypted for the purpose of copyright pro- 5 
tection. the device includes that an identification infor- 
mation managing unit configured to hold device identi- 
fication infonmation in connection with other infonmation 
communication devices acquired through a network, an 
ID registration processing unit configured to register the io 
device identification infomnation of another communica- 
tion device when the other communication device sat- 
isfies a predetermined distance condition or when com- 
mon identification information that is held by both infor- 
mation communication devices is received from a port- 
able device, and an authentication and key exchange 
processing unit configured to, for the purpose of copy- 
right prptection, complete authentication and key ex- 
change process (AKE process) only when another in- 
formation communication device whose device identifi- 
cation information is registered in the identification In- 
fomnation managing unit. 

[0014] Another aspect of the present invention pro- 
vides an information communication system for trans- 
mitting electronic data encrypted for the purpose of cop- 
yright protection, the system includes that a sending de- 
vice, and a receiving device configured to receive elec- 
tronic data encrypted for the purpose of copyright pro- 
tection and sent from the sending device, wherein at 
least one of the sending device and the receiving device 
includes that an identification information managing unit 
configured to hold device identification information re- 
garding another device acquired through a network, an 
ID registration processing unit configured to register the 
device identification information of another device when 
the other device is recognized to be connected to a net- 
work having a prescribed limited range, and an authen- 
tication and key exchange processing unit configured to 
complete AKE process only when another information 
communication device whose device identification infor- 
mation is registered in the identifteation infomnation 
managing unit 

[0015] Furthermore, another aspect of the present in- 
vention provides a computer program product compris- 
ing a computer useable medium having computer pro- 
gram logic recorded thereon for enabling a processor to 
control transmission of electronic data encrypted for the 
purpose of copyright protection, the computer program 
product Includes that a sending procedure that enables 
the processor to send a request packet to another infor- 
mation communication device with which communica- 
tion is to be conducted, a receiving procedure that ena- 
bles the processor to receive a response packet from 
another information communication device, a determin- 
ing procedure that enables the processor to determine 
if another information communication device is connect- 
ed to a network having a prescribed limited range based 
on the received devbe ID response packet, a registra- 



tion procedure that enables the processor to register the 
device identification information of another information 
communication device when it is determined that the 
other information communication device Is connected to 
a network having a prescribed limited range, and an au- 
thentication and key exchange procedure that enables 
the processor to. for the purpose of copyright protection, 
complete AKE process only when another information 
communication device whose device identification infor- 
mation is registered in the identification information 
managing unit. 

BRIEF DESCRIPTION OF THE DRAWINGS 



15 [0016] 

Figure 1 is a block diagram showing a receiving de- 
vice according to an embodiment of the present in- 
vention. 

20 Figure 2 is a block diagram an embodiment of the 
sending device 2. 

Figure 3 shows an example of an ID list. 
Figure 4 is a block diagram showing the intemal fea- 
tures of a receiving device 3 in accordance with the 
25 embodiment. 

Figures 5 and 6 are sequence diagrams showing 
the processing steps for transmitting AV data be- 
tween the sending device 2 and the receiving de- 
vice 3 in accordance with the first embodiment. 
30 Figure 7 is a sequence diagram showing the 
processing steps for spoofing prevention In accord- 
ance with the first embodiment. 
Figure 8 is a sequence diagram showing the 
processing steps for transmitting AV data in the see- 
ds ond embodiment. 

Figure 9 is a block diagram showing an infomnation 
communication system in accordance with the third 
embodiment of the present invention. 
Figure 10 is a block diagram showing an example 
40 of the sending device 2a shown in Figure 9. 

Figure 11 Is a block diagram showing an example 
of the receiving device 3a. 

Figure 1 2 shows the data structure of the short-dis- 
tance ID managing units 43, 53 inside the sending 
45 device 2a and receiving device 3a. 

Figure 13 is a block diagram showing an example 
of the internal features of the short-distance wire- 
less device 4 when the short-distance wireless de- 
vice 4 is an infrared remote control device. 
50 Figure 14 is a block diagram showing an example 
of the internal features of the short-distance wire- 
less device 4 when the short-distance wireless de- 
vice 4 is a wireless tag device. 
Figure 15 is a sequence diagram showing the 
55 processing steps for registering a short-distance ID 
to the sending device 2a and the receiving device 
3a. 

Figure 1 6 is a sequence diagram of the authentica- 
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tlon and key exchange processing and the send 
processing for registration of the short-distance ID. 
Figure 17 is a sequence diagram showing the 
processing steps for transmitting AV data between 
the sending device 2a and the receiving device 3a. 5 
Figure 18 is a sequence diagram showing the 
processing steps for a case in which the short-dis- 
tance ID (= AA) sent from the receiving device 3a 
in the previously described step S91 is not regis- 
tered in the short-distance ID managing unit 43 of io 
the sending device 2a. 

Figure 19 Is a sequence diagram showing another 
example of the processing steps for transmitting AV 
data between the sending device 2a and the receiv- 
ing device 3a. 75 
Figure 20 is a block diagram showing an infomriation 
communication system in accordance with the 
fourth embodiment of the present invention. 
Figure 21 is a block diagram showing an example 
of the internal features of the sending device 2b in- 20 
dicated in Figure 20. 

Figure 22 is a block diagram showing an example 
of the internal features of the receiving device 3b 
shown in Figure 20, 

Figure 23 is a block diagram showing an example 25 

of the internal features of an IC card. 

Figure 24 is a block diagram showing an infonnation 

communication system in accordance with the fifth 

embodiment of the present invention. 

Figure 25 is a block diagram showing an example 30 

of the Internal features of the receiving device 3c 

indicated in Figure 24. 

Figure 26 is a block diagram showing an example 
of the internal features of a B-CAS card 6. 

35 

DETAILED DESCRIPTION OF THE EMBODIMENTS 

[001 7] Various embodiments of the present invention 
will be described with reference to the accompanying 
drawings. It Is to be noted that the same or similar ref- 40 
erence numerals are applied to the same or similar parts 
and elements throughout the drawings, and the descrip- 
tion of the same or similar parts and elements will be 
omitted or simplified. 

[0018] Figure 1 is a block diagram of an information 45 
communication system In accordance with a first em- 
bodiment of the present invention. The information com- 
munication system shown in Figure 1 is intended for 
sending and receiving chiefly AV data within the resi- 
dence of an Individual and is provided with a sending so 
device 2 and a receiving device 3 connected to a home 
network 1 . 

[001 9] The home network 1 can be any of a variety of 
network configurations, such as a wireless LAN compli- 
ant with IEEE 80?.11. an Ethernet (registered trade- 55 
mark), or an IEEE 1394 network. It is acceptable for oth- 
er devices to be connected to the home network 1 in 
addition to the sending devce 2 and the receiving device 



3. but such devices are omitted here for the purpose of 
simplification. When an internet protocol (IP) is used on 
the home network 1 , either IPv4 or IPv6 is acceptable. 
[0020] The AV data exchanged between the sending 
device 2 and receiving devk:e 3 requires copyright pro- 
tection and is transmitted In a state in which appropriate 
copyright protection has been applied. In this embodi- 
ment, it will be assumed that DTGP is used as the meth- 
od of achieving copyright protection on the network, but 
it also acceptable to use a copyright protection arrange- 
ment other than DTCP. See http: //www.dtcp.com for 
more infonnation regarding DTCP. 
[0021] in this embodiment, a registration procedure is 
established in advance between the sending device 2 
and the receiving device 3 whereby the sending device 
2 and receiving device 3 are both registered to each oth- 
er or only one is registered to the other. Devices that 
have not completed the registration procedure are not 
allowed to transmit AV data to each other, decrypt en- 
crypted AV data, or complete the authentication and key 
exchange processing. 

[0022] More specifically, the transmission time is gen- 
erally longer when packets are transmitted between dif- 
ferent home networks 1 and a router network (public in- 
ternet) is typically used when different home networks 
1 are connected together. In this embodiment, the infor- 
mation communication device takes advantage of these 
characteristics and ends the registration if the exchange 
of the registration packets is not completed within a pre- 
scribed amount of time. The packets used for registra- 
tion can be data link layer frames and physical layer 
frames. These frames include, for example, Ethernet 
(registered trademark) packets and wireless layer pack- 
ets. Since these frames are not routed by the router, the 
exchange of these frames can be limited to devices that 
can communicate within a prescribed LAN. 
[0023] Figure 2 is a block diagram an embodiment of 
the sending device 2. The sending device 2 shown in 
Figure 2 is provided with the following: a network inter- 
face unit 11; a communication processing unit 12 con- 
figured to execute communication processing; a DTCP 
device ID recording unit 13 configured to record the 
DTCP device ID of the sending device 2; an ID manag- 
ing unit 14 configured to register the device IDs of other 
communication devices inside the same residence ac- 
quired through the network; an ID registration process- 
ing unit 1 5 configured to control the registration of device 
IDs In the ID management unit 14: a measuring unit 16 
configured to measure the time required for the device 
ID'S to be reported from the other communication devic- 
es; an authentication and key exchange processing unit 
17 configured to execute DTCP authentication and key 
exchange processing in order to accomplish copyright 
protection, an encryption processing unit 18 configured 
to encrypt data that will be sent; a packet processing 
unit 1 9 configured to convert the AV data and the DTCP 
management data to be sent to the receiving device 3 
Into communication packets; and a content supply unit 
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20 configured to store AV.data. 
[0024] After the ID registration processing unit 16 re- 
quests another communication device inside the resi- 
dence to send Its device ID, the measuring unit 1 6 meas- 
ures the time until there is a response providing the de- 
vice ID. It is also acceptable that the measuring unit 17 
measures time of other packet communications than 
that of device ID between the sending device 2 and the 
other communication device. If the response occurs 
within a prescribed amount of time, the ID registration 
processing unit 1 5 registers the device ID in the I D man- 
aging unit 14. The ID managing unit 14 holds a list of 
registered device IDs (hereinafter called the "ID list") 
and, when the ID registration processing unit 15 issues 
a request to register a device ID, the ID managing unit 
1 4 adds the device ID to the ID list so long as the device 
ID has not already been registered to the ID list. 
[0025] In this embodiment, the measuring device 16 
measures the distance between the sending device 2 
and the other communication device within the networic 
by measuring time. However, the invention is not limited 
to this method and It is also acceptable to measure the 
physical distance using a GPS or the like. In the case of 
a wireless arrangement, it is also acceptable to measure 
the distance based on the strength of the wireless sig- 
nal. When an optical commumication medium is used, 
It is acceptable to measure the distance based on the 
intensity of the light. 

[0026] Figure 3 shows an example of an ID list. The 
ID list registers the DTCP device ID of each of the other 
commmication devk:es as a mandatory item and regis- 
ters such optional Items as the following: the RTT (round 
trip time), a unique ID (e.g., MAC address), and date 
and time of last use (data and time of the last commu- 
nicatbn with the other communication device). 
[0027] Up to N (where N Is a prescribed integer) de- 
vice IDs can be registered in the ID list. When there is 
a request to register a new device ID and N device IDs 
have already been registered, it is acceptable to handle 
the request by either denying the registration of the new 
device ID or deleting a previously registered device ID 
so that the new device ID can be registered. In the latter 
case, any of the following arrangements is acceptable: 
delete the device ID of the registered communication 
device with which communication has not been con- 
ducted for the longest period of time; delete the device 
ID that was registered the longest ago, as In the case of 
the FIFO format; or allow the user to delete an arbitrary 
device ID by means of some kind of user interface . In 
this way, the number of device ID entries in the ID list 
can be limited as mentioned-above. 
[0028] In this embodiment, the DTCP device ID is an 
identification number for the DTCP device. It is prefera- 
ble that every DTCP device In the entire world have a 
unique ID. it is also acceptable for the DTCP devk:e ID 
to be an ID embedded in a certificate (called a "device 
certificate") that proves the device is a properly licensed 
device. The device certificate includes digital signatures 



and the like that can be verified to confirm that the devtee 
certificate is correct. 

[0029] Figure 4 is a block diagram showing the inter- 
nal features of a receiving device 3 in accordance with 

5 this embodiment. The receiving device 3 shown In Fig- 
ure 4 is provided with the following: a network interface 
unit 21 ; a communication processing unit 22 configured 
to execute communication processing; a DTCP devtee 
ID recording unit 23 configured to record the DTCP de- 

10 vice ID of the receiving device 3; an ID managing unit 

24 configured to register the device IDs of other com- 
munication devices inside the same residence acquired 
through the network; an ID registration processing unit 

25 configured to control the registration of device IDs in 
t5 the ID management unit 24; a measuring unit 26 con- 
figured to measure the time required for the device ID's 
to be reported from the other communication devices; 
an authentication and key exchange processing unit 27 
configured to execute DTCP authentication and key ex- 

20 change processing in orderto accomplish copyright pro- 
tection, an encryption processing unit 28 configured to 
decrypt data that has been received; a packet process- 
ing unit 29 configured to convert the received signal into 
AV data; and a content supply unit 30 configured to store 

25 AV data. 

[0030] Figures 5 and 6 are sequence diagrams show- 
ing the processing steps for transmitting AV data be- 
tween the sending device 2 and the receiving device 3 
In the first embodiment. The sequence diagrams shown 

30 in Figures 5 and 6 start when the users of the sending 
device 2 and the receiving device 3 press a register but- 
ton or dick a register icon (steps S11 and SI 2). 
[0031] It is also acceptable to start the processing of 
Figure 5 when a starting action is performed at only one 

35 or the other of the sending device 2 and the receiving 
device 3. Still another option Is to set the sending device 
2 and the receiving device 3 to registration mode and 
start the processing of Figure 5 automatically when the 
power to said devices is turned on. 

40 [0032] In any case, registration processing is execut- 
ed between two devk:es each of whose registration but- 
ton was pressed or between a communteation devtee 
whose registration button was pressed and another 
communication device (nomially a communication de- 

45 vice whose power Is on). 

[0033] It is also acceptable to configure the system 
such that registration processing starts without obtain- 
ing an instruction to start registration from a user. 
[0034] Although Figure 5 illustrates a case in which 

50 registration is performed between two devices, i.e., the 
sending device 2 and the receiving device 3, It is also 
acceptable register three or more devices simultane- 
ously. 

[0035] When the registration processing starts, the 
55 sending device 2 starts measuring time (timer ON) using 
the measuring unit (step SI 3) and sends a device ID 
send request packet to the receiving device 3 for the 
purpose of registering the device ID in the ID list (step 
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SI 4), The packet can be sent using Ethernet (registered 
tradennark) f rannes or wireless layer frannes (data link 
layer frannes or physical layer frannes). The device ID 
send request packet includes a time stamp and a ran- 
dom number selected by the sending device 2. It is ac- 5 
ceptable for the sending device 2 to broadcast the de- 
vice ID send request packet over the network. In such 
a case, the Ethernet (registered trademark) broadcast 
address is used as the destination Ethernet (registered 
trademark) address. io 
[0036] The receiving devtee 3 receives the devtee ID 
send request packet and sends a device ID response 
packet to the sending devbe 2 (step SI 5). The device 
ID response packet, too, is sent using Ethernet (regis- 
tered trademark) frames or wireless layer frames. It is ^5 
acceptable for the receiving device 3 to include in the 
device ID response packet the same random number 
and tin^e stamp as was included in the device ID send 
request packet from the sending device 2. In this way, 
the sending device 2 can know which request packet 
the response corresponds to and it is easier for the 
measuring unit 16 to measure the time. 
[0037] It is also acceptable to configure the system 
such that the receiving device 3 sends a device ID send 
request packet to the sending device 2 and, after receiv- 
ing the packet, the sending device 2 sends a devk:e ID 
response packet to the receiving device 3. In this case, 
the time required for the packet response is measured 
by the receiving device 3. In case that the receiving de- 
vice 3 measures the packet response, it is acceptable 
that the receiving devtoe 3 sends a result of the meas- 
ured time of the packet response to the sending device 
2. 

[0038] If the device ID response packet Is received 
within a prescribed amount of time T, the ID registration 
processing unit 15 Inside the sending device 2 registers 
the device ID of the receiving device 3 In the ID manag- 
ing unit 24. If the device ID response packet is not re- 
ceived within the prescribed amount of time T, the reg- 
istration is determined to have failed and the device ID 
is not registered In the ID managing unit 24 (step SI 6). 
[0039] It is acceptable that the time measurement is 
conducted only once, and it is also acceptable that the 
time measurement Is retried for prescribed times until 
the device ID response packet Is received within a pre- 
scribed amount of time. 

[0040] If the device I D registration fails , it is necessary 
to inform the user that it is necessary to perform the de- 
vice ID registration over an identical link network but with 
a shorter distance between devices. Therefore the user 
is urged to try such actions as the following: perform the 
registration with the sending device 2 and the receiving 
device 3 plugged into the same Ethernet (registered 
trademark) switch; perfomn the registration with the 
sending device 2 and the receiving device 3 connected 
directly to the Ethernet (registered trademark) cable; 
temporarily reduce the traffic on the network (by, for ex- 
ample, stopping transmissions of AV data between oth- 



er communication devices); stop other applications mn- 
nlng on the sending device 2 or receiving device 3 in 
order to reduce the processing load. 
[0041] After the processing of step S1 6 is completed, 
the receiving device 3 starts measuring time with the 
measuring unit 26 (step SI 7) and sends a device ID 
send request packet to the sending device 2 (step SI 8). 
The sending device 2 receives the request and sends a 
device ID response packet (step SI 9). 
[0042] If the receiving device 3 receives the device ID 
response packet from the sending device 2 within a pre- 
scribed amount of time T, the receiving devbe 3 regis- 
ters tlTe device ID of the sending device 2 in the ID man- 
aging unit. If the device ID response packet Is not re- 
ceived within the prescribed amount of time T, the device 
ID of the sending device 2 Is not registered (step S20). 
[0043] It is acceptable that the time measurement is 
conducted only once, and It is also acceptable that the 
time measurement is retried for prescribed times until 
the device ID response packet is received within a pre- 
scribed amount of time. 

[0044] It is also acceptable to accomplish this time 
measurement using packets other than th© device ID 
registration request and response packets. It is also ac- 
ceptable to accomplish the time measurement using IP 
packets. But not limited to this, other packets can be 
used in this embodiment. 

[0045] After completing the procedure just described, 
the sending device 2 and the receiving device 3 end reg- 
istration mode (steps S21 and S22) and execute au- 
thentication and key exchange processing (steps S23 
to S29 of Figure 6). 

[0046] First, the receiving device 3 uses an IP packet 
to send a request for authentication and key exchange 
to the sending device 2 (step S23) . The receiving de- 
vice 3 includes its own device ID In the IP packet. 
[0047] The sending device 2 receives the IP packet 
from the receiving device 3 and checks if the device ID 
of the receiving device 3 is registered In the ID managing 
unit 14 (step S24). If the device ID is registered, the 
sending device 2 uses an IP packet to send a request 
for authentication and key exchange to the receiving de- 
vice 3 (step S25). The sending device 2 includes its own 
device ID In the IP packet. For example, the measure- 
ment can be achieved using key exchange or random 
number request and response packets. Another exam- 
ple is that the measurement can be done using Ethernet 
Frames instead of IP packets. 

[0048] The receiving device 3 receives the IP packet 
from the sending device 2 and checks if the device ID 
of the sending device 2 Is registered In the ID managing 
unit 24 (step S26). If the device ID Is registered, authen- 
tication and key exchange is executed between the 
sending device 2 and the receiving device 3 (step 827). 
[0049] If the authentication and key exchange suc- 
ceeds, the sending device 2 and the receiving device 3 
will share a content encryption key (steps S28 and S29) 
and the sending device will encrypt the content (step 
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S30). 

[0050] In this embodiment. the RTT measurement is 
carried out at the beginning part of the processing AKE 
(authentication and key exchange) protocol. It is also ac- 
ceptable such that the RTT measurement is carried out 
before the processing of AKE protocol, during the 
processing of the AKE protocol, or at the ending part of 
the processing AKE protocol. 

[0051] Next, the sending device 2 transmits the en- 
crypted AV data using RTP or HTTP (step S31). The 
receiving device 3 receives the AV data and decrypts 
the content (step S32). 

[0052] When either one of the devices, i.e., the send- 
ing device 2 or the receiving device 3, has already com- 
pleted the device ID registration procedure, the steps 
S13 to S16 or the steps SI 7 to S20 of Figure 5 can be 
omitted. 

[0053] It is also acceptable to conduct the request for 

device ID registration and the response thereto at the 
authentication and key exchange processing stage of 
step S25. 

[0054] It is also acceptable to provide a procedure for 
protecting against spoofing (man In the middle attack) 
when the device ID registration request and registration 
response are executed. In such a case, processing such 
as that shown in Figure 7 is executed instead of the 
steps S14 to SI 6 of Figure 5. 

[0055] First, the sending device 2 sends a random 
number send packetto the receiving device 3 using Eth- 
• emet (registered trademark) frames or wireless layer 
frames (step S41). The random number send packet 
contains a random number r generated by the sending 
device 2. 

[0056] The receiving device 3 receives the random 
number send packet and calculates a signature using 
the random number and its own device ID (step S42 ) . 
The receiving device 3 sends a random number re- 
ceived notification to the sending device 2 using Ether- 
net (registered trademark) frames or wireless layer 
frames (step S43). 

[0057] After receiving the notification, the sending de- 
vice 2 starts measuring time using the measuring unit 
(step 844) and sends a device ID request packet to the 
receiving device 3 using Ethernet (registered trade- 
mark) frames or wireless layer frames (step S45). This 
packet contains the aforementioned random number r. 
[0058] After receiving the packet, the receiving device 
3 sends a device ID response packet containing the ran- 
dom number r and its own device ID and signature to 
the sending device 2 (step S46). 
[0059] The sending device 2 determines If the amount 
of time from when it sent the device ID request packet 
until when it received the device ID response packet is 
within a prescribed amount of time T If the time is within 

the prescribed amount of time T, the device ID = b of the 

receiving device 3 is registered in the ID managing unit. 
If response is not received within the prescribed amount 
of time T, the device ID is not registered to the ID man- 



aging unit (step 847). 

[0060] Thus, in the first embodiment, the other com- 
munication device (receiving device 3 or sending device 
2) is only registered If the response Is received within a 
5 prescribed amount of time after the device ID registra- 
tion request is issued. As a result, it is possible to restrict 
the transmission of AV data to communication devices 
that are within a limited area and the AV data can be 
copyright-protected using simple processing. 

10 

(Second Embodiment) 

[0061] The second embodiment is configured such 
that after the receiving device 3 has issued a request for 
15 authentication and key exchange to the sending device 
2, the sending device 2 sends a devtee ID request pack- 
et to the receiving device 3. 

[0062] The constituent features of the sending device 
2 and the receiving device 3 of the second embodiment 

20 are the same as those shown in Figure 2 and Figure 4 
and descriptions thereof are therefore omitted. 
[0063] Figure 8 is a sequence diagram showing the 
processing steps for transmitting AV data in the second 
embodiment. First, the receiving device 3 issues a re- 

25 quest for authentication and key exchange to the send- 
ing device 2 (step S51 ). The sending device 2 conf Inms 
that the receiving device 3 from which the request for 
authentication and key exchange was issued Is not al- 
ready registered in the ID managing unit (step 852), 

30 starts measuring time with the measuring unit (step 
853), and sends a device ID request packet tQ the re- 
ceiving unit 3 using Ethernet (registered trademark) 
frames or wireless layer frames (step S54). 
[0064] The receiving device 3 responds to the packet 

35 by sending a device ID response packet to the sending 
device 2 using Ethernet (registered trademark) frames 
or wireless layer frames (step S55). 
[0065] Next, if the amount of time from when the send- 
ing device 2 sent the device ID request packet until it 

40 received the device ID response packet is within a pre- 
scribed amount of time T, the sending device 2 registers 
the device ID (= b) of the receiving device 3 to the ID 
managing unit 14. It response is not received within the 
prescribed amount of time T. the device ID is not regis- 

45 tered (step S56). 

[0066] Next, the receiving device 3 uses the same 
steps to execute registration processing with respect to 
the device ID of the sending device 2 (steps S67 to S60). 
Thereafter, the processing steps are the same as steps 

so S21 to S32 of Figure 6. 

[0067] When either one of the devices, i.e., the send- 
ing device 2 or the receiving device 3, has already com- 
pleted the device ID registration procedure, the steps 
862 to 856 or the steps S57 to S60 of Figure 8 can be 

55 ..emitted. - 

[0068] Thus, the second embodiment eliminates un- 
necessary requests and responses for device IDs be- 
cause the device ID requests are issued after the re- 
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quest for authentication and key exchange. As a result, 
communication traffic can be reduced. 

(Third Embodiment) 

[0069] The third embodiment is different from the first 
and second embodiments in that it is configured such 
that AV data can only be transmitted between a sending 
device and a receiving device in which an ID sent from 
the same short-distance wireless device is registered. 
[0070] Figure 9 is a block diagram showing an infor- 
mation communk:ation system in accordance with the 
thirdembodimentof the present invention. In addition to 
the features shown in Figure 1 , the infomnatlon commu- 
nication system shown in Figure 9 is provided with a 
short-distance wireless device 4 that includes an infra- 
red remote controller (hereinafter called "remote con- 
trol") and a wireless tag. 

[0071] The sending device 2a and the receiving de- 
vice 3a of this embodiment both communicate wireless- 
ly with the short-distance wireless device 4 and register 
the globally unique ID (hereinafter called "short-dis- 
tance ID") sent from the short-distance wireless device 
4. AV data (or its copyright protection key exchange) is 
only allowed to be transmitted between a sending de- 
vice 2a and a receiving device 3a that have this short- 
distance ID registered therein. More specifically, if the 
ID is not registered In the sending device 2a and receiv- 
ing device 3a, authentication and key exchange (or ex- 
change of content) will not succeed between the send- 
ing devbe 2a and receiving device 3a. 
[0072] The short-distance wireless device 4 holds the 
short-distance ID and sends the ID to both the sending 
device 2a and the receiving device 3a using short-dis- 
tance wireless communication only. The "short-dis- 
tance" mentioned here is, for example, the range (e.g., 
several meters) that can be reached by the Infrared rays 
In the case of an infrared device or the range (e.g., sev- 
eral centimeters) that can be reached by the radio 
waves in the case of a wireless tag device. 
[0073] Figure 10 Is a block diagram showing an ex- 
ample of the sending device 2a shown In Figure 9. Com- 
ponents In Figure 1 0 that are the same as in Figure 2 
are Indicated with Identical reference symbols and only 
the differences will be discussed below. 
[0074] Simllarty to Figure 2, the sending device 2a of 
Figure 10 is provided with a network interface unit 11 , a 
communication processing unit 12, a DTCP device ID 
recording unit 13, an ID managing unit 14, a DTCP au- 
thentication and key exchange processing unit 17, an 
encryption processing unit 18, a packet processing unit 
19, and a content supplying unit 20. Additionally, the 
sending device 2a of Figure 1 0, is provided with the fol- 
lowing: a short-distance wireless interface unit 41 for 
short-distance wireless communication; a short-dis- 
tance authentication and key exchange processing unit 
42 configured to execute authentication and key ex- 
change between the sending device 2a and the short- 



distance wireless device 4; a short-distance ID manag- 
ing unit 43 configured to register the short-distance ID 
acquired by means of short-distance wireless commu- 
nication; an ID registration processing unit 44 conflg- 

5 ured to control the registration of the short-distance ID 
to the short-distance ID managing unit 43: a registration 
completed notification processing unit 45 configured to 
notify the user that the registration of a short-distance 
ID has been completed; and a power supply control unit 

10 46 configured to supply a power supply voltage to the 
short-distance wireless interface unit 41 and peripheral 
units thereof only during registration of a short-distance 
ID. 

[0075] For security reason, it is also acceptable to pro- 

15 vide the short-distance ID managing unit 43 and the ID 
registration processing unit 44, respectively, with en- 
cryption communication processing units 43a, 44a con- 
figured to encrypt the short-distance ID. This arrange- 
ment eliminates the risk of the short-distance ID being 

20 illicitly acquired from the data bus between the short- 
distance ID managing unit 43 and the ID registration 
processing unit 44. More specifically, the data transfer 
between the ID registration processing unit 44 and the 
short-distance ID managing unit 43 takes place through 

25 a general-purpose data bus in a case in which all of the 
following conditions exist: the short-distance wireless In- 
terface unit 41 , the short-distance wireless authentica- 
tion and key exchange processing unit 42, and the ID 
registration processing unit 44 are modularized into, for 

30 example, infrared modules or wireless tag modules; the 
modules are connected to a PCI bus or other general- 
purpose data bus; and the short-distance ID managing 
unit 43 and the DTCP authentication and key exchange 
processing unit 17 operate using software located In an 

35 MPU. Consequently, if the short-distance ID is not en- 
crypted, it can be intercepted illicitly on the general-pur- 
pose data bus and used for such purposes as to make 
illegal copies. 

[0076] Therefore, it is preferred to provide encryption 

^0 communication processing units 43a and 44a in the 
short-distance ID managing unit 43 and the ID registra- 
tion processing unit 44, respectively, and encrypt, such 
as the short-distaace ID before transmitting it. The en- 
cryption commmication processing units 43a, 44a can 

45 t>e constituted with hardware or they can configured to 
accomplish the encryption of the IDs using software by 
preparing an API for encrypting with software. 
[0077] It Is also acceptable to provide the encryption 
communication processing units 43a, 44a with internal 

50 functions for measuring if the communications between 
the encryption communication processing units 43a, 
44a are taking place within a prescribed amount of time. 
This function is provided in order to check If the physical 
distance l^etween the short-distance ID managing unit 

55 43 and the ID registration processing unit 44 is within a 
prescribed distance (e.g. , if the physical distance be- 
tween the short-distance ID managing unit 43 and the 
ID registration processing unit 44 within the same case 
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is within a prescribed distance or if the physical distance 
between the short-distance ID nnanaging unit 43 and an 
externally attached part, such as a USB dongle. consti- 
tuting the short-distance wireless processing unit is 
within a prescribed distance). 

[0078] The externally attached part mentioned here 
includes, for example, the short-distance wireless Inter- 
face unit 41 , the short-distance authentication and key 
exchange processing unit 42, and the ID registration 
processing unit 44. Without this time measuring (dis- 
tance measuring) function, it is feasible that someone 
could attack the system by arranging an externally at- 
tached part in a remote location, connecting the short- 
distance ID managing unit 43 and the externally at- 
tached part together through the internet or other public 
network (wide area network) , and registering a device 
remotely. Said function has the effect of preventing such 
an attack. 

[0079] It is possible that the functions related to short- 
distance wireless communication (e.g., the short-dis- 
tance wireless interface unit 41 , the short-distance au- 
thentication and key exchange processing unit 42, and 
the ID registration processing unit 44) will be functions 
that are not used except when registering a short-dis- 
tance ID. Therefore, electric power can be conserved 
by configuring the system such that power is not sup- 
plied to these functions except when a short-distance 
ID is being registered. This control of the power supply 
is executed by the power supply control unit 46, The 
poweir supply control unit 46 detects when a user press- 
es the short-distance ID registration button and controls 
the power supply accordingly. 

[0080] The short-distance wireless ID is an identifica- 
tion number for the short-distance wireless device 4 and 
it is acceptable for it to be an identification number that 
is issued by the same Ik^ensing institution as the DTCP 
or DTLA (the license organization of DTCP) and as- 
signed a value that is unique throughout the world. Sim- 
ilarty to the DTCP device ID , ft is also acceptable for the 
short-distance wireless ID to be an ID embedded in a 
certif bate (called a "devtoe certificate") that proves the 
device is a properly licensed device. The device certifi- 
cate includes digital signatures and the like that can be 
verified to conflmi that the device certificate is the cor- 
rect certificate. 

[0081] Figure 11 Is a block diagram showing an ex- 
ample of the receiving device 3a. Components in Figure 
11 that are the same as in Figure 4 are indicated with 
identical reference symbols and only the differences will 
be discussed below. 

[0082] Similarly to Figure 4, the receiving devrce 3a 
of Figure 11 is provided with a network interface unit 21, 
a communication processing unit 22, a DTCP device ID 
recording unit 23, an ID managing unit 14, a DTCP au- 
thentication and key exchange processing unit 27, an 
encryption processing unit 28, a packet processing unit 
29, and a content supplying unit 30. Additionally, the re- 
ceiving device 23a.of Figure 11 , is provided with the fol- 



lowing: a short-distance wireless interface unit 51 for 
short-distance wireless communk:atton; a short-dis- 
tance authentication and key exchange processing unit 
52 configured to execute authentication and key ex- 

5 change between the receiving device 3a and the short- 
distance wireless device 4; a short-distance ID manag- 
ing unit 53 configured to register the short-distance ID 
acquired by means of short-distance wireless commu- 
nication; an ID registration processing unit 54 config- 

10 ured to control the registration of the short-distance ID 
to the short-distance ID managing unit 53; a registration 
completed notification processing unit 55 configured to 
notify the user that the registration of a short-distance 
ID has been completed; and a power supply control unit 

IS 56 configured to operate (i.e., tum on the power to) the 
short-distance wireless interface unit and penpheral 
units thereof only durtng registration of a short-distance 
ID. 

[0083] Figure 1 2 shows the data structure of the short- 
20 distance ID managing units 43, 53 Inside the sending 
device 2a and receiving device 3a. The values of the 
short-distance IDs are registered in the short-distance 
ID nrranaging unit 43, 53 as mandatory items. Other val- 
ues, such as the RTT (round trip time), the DTCP device 
25 \o, and the date and time of registration corresponding 
to each short-distance ID are recorded as optional 
items. 

[0084] Figure 13 is a block diagram showing an ex- 
ample of the internal features of the short-distance wire- 

30 less device 4 when the short-distance wireless device 
4 is an infrared remote control device. The infrared re- 
mote control device of Figure 1 3 is provided with the fol- 
lowing: an infrared communication interface unit 61 ; an 
AV devfce initialization processing unit 62 for initializing 

35 the AV device; an AV devce control processing unit 63 
for controlling the AV device; a short-distance ID record- 
ing unit 64 configured to record the short-distance ID of 
the infrared device; an ID registration processing unit 65 
configured to control registration of the ID to the short- 

40 distance ID recording unit 64; a registration counter 66 
configured to measure the number of times recording of 
the short-distance ID to the short-distance ID recording 
unit 64 takes place; short-distance wireless authentica- 
tion and key exchange processing unit 67 configured to 

45 execute authentication and key exchange between the 
short-distance wireless devtoe 4 and the sending devk^e 
2a, or, between the short-distance wireless device 4 and 
the receiving device 3a; and a user interface unit 68. 
[0085] It is acceptable for the infrared communication 

50 interface unit 61 to be provided with a two-way infrared 
interface unit for short-distance ID registration 61a and 
a one-way infrared interface unit for AV device control. 
While the infrared remote control interface for controlling 
an AV device is generally a one-way interface, the infra- 

55 red interface for registering the short-distance ID of this 
embodiment is a two-way interface, as descnbed later. 
In order to accomplish these two functions, it is neces- 
sary to provide the infrared communication interface unit 
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61 with two infrared interfaces 61a, 61b. These two in- 
frared interfaces can be constituted with two or more 
separate components or sealed inside one individual 
component. The two-way infrared interface 61 a for 
short-distance ID registration is connected to the short- 
distance wireless authentication and key exchange 
processing unit 67 and the AV device Initialization 
processing unit 62. Meanwhile, the one-way infrared in- 
terface 61 b for AV device control is connected to the AV 
device control processing unit 63. It is acceptable for 
these two infrared interfaces 61a, 61b to use different 
infrared frequencies, command systems, and packet 
formats, 

[0086] Meanwhile, Figure 1 4 is a block diagram show- 
ing an example of the internal features of the short-dis- 
tance wireless device 4 when the short-distance wire- 
less device 4 is a wireless tag device. The wireless tag 
device of Figure 1 4 is provided with the following: a wire- 
less tag communication interface unit 70; an AV device 
initialization processing unit 71 ; a short-distance wire- 
less authentication and key exchange processing unit 
72; an ID registration processing unit 73; a registration 
counter 74; a short-distance ID recording unit 75; and a 
user interface unit 76. 

[0087] The wireless tag device does not require a bat- 
tery, and is therefore economical, because it sends its 
wireless signal using electric power generated from re- 
ceived radio waves. Although omitted in Figure 14, a ca- 
pacitor for storing electric power generated from re- 
ceived radio waves is provided Inside the wireless tag 
device. 

[0088] Figure 15 is a sequence diagram showing the 
processing steps for registering a short-distance ID to 
the sending device 2a and the receiving device 3a. The 
processing steps for registering a short-distance ID will, 
now be described based on Figure 15. In order to send 
the short-distance ID from the short-distance wireless 
device 4 to the sending device 2a (or the receiving de- 
vice 3a), the user depresses the button 68a of the short- 
distance wireless device 4 shown in Figure 13 to put the 
short-distance wireless device 4 into registration mode 
(step S71). Then the user depresses the button of the 
sending device (or receiving device 3a} to which the 
short-distance ID is to be sent and points the short-dis- 
tance wireless device 4 toward the sending device 2a 
(or receiving device 3a). This procedure puts the send- 
ing devtee 2a (or receiving device 3a) into registration 
mode (step S72). 

[0089] It is acceptable for the sending devk^e 2a (or 
receiving device 3a) to be configured such that, when 
the device enters registration mode, the power supply 
control unit 46 (or 56) delivers electric power to the 
short-distance wireless interface unit 41 (or 51 ) and the 
peripheral units thereof. 

[0090] Thus, with this embodiment, the possibility of 
sending AV data over the internet or the like from a seed- 
ing device 2a to a receiving device 3a in a distant loca- 
tion is eliminated because it Is necessary for the user to 



depress buttons on both the sending device 2a and the 
receiving device 3a and then register the short-distance 
ID using the same short-distance wireless device 4. 
[0091] Next, the user points the short-distance wire- 

5 less device 4 at the sending device 2a (or receiving de- 
vice 3a) or brings the short-distance wireless device 4 
close to the sending device 2a (or receiving device 3a) 
and depresses the short-distance ID registration button 
(step S73). This action causes authentication and key 

10 exchange to take place between the short-distance 
wireless device 4 and the sending device 2a (or receiv- 
ing device 3a) and each device confinms that the other 
is a device that has been recognized by a proper licens- 
ing institution (step S74). If necessary, public keys or 

IS other keys are exchanged. The key exchange proce- 
dure is discussed later. 

[0092] Next, the short-distance wireless device 4 de- 
termines if the value of the registration counter, which 
measures the number of limes the short-distance ID has 

20 been sent to a sending device 2a (or receiving device 
3a) and registered, is larger than zero (step S75) . If the 
value of the registration counter is larger than zero, the 
number of previous registrations is smaller than a pre- 
scribed number and the short-distance ID is sent to the 

25 sending device 2a (or receiving device 3a) (step S76). 
If the value of the registration counter is zero, the pre- 
scribed number of registrations has already been per- 
formed and transmission of the short-distance ID is 
stopped. 

30 [0093] It is acceptable that the short-distance ID is 
sent from the same wireless device 4 to the sarpe send- 
ing device 2a or receiving device 3a) for more than two 
times. 

[0094] After the short-distance wireless device 4 
35 sends the short-distance ID to the sending device 2a (or 
receiving device 3a), it decrements the registration 
counter by 1 (step S77). 

[0095] The sending device 2a (or receiving device 3a) 
receives the short-distance ID and transmits the short- 
40 distance ID to the short-distance ID managing unit 43, 
53 (step S78). As described previously, in order to pre- 
vent unlawful acquisition of the short-distance ID during 
transmission, the short-distance ID can be, for example, 
encrypted or provided with a signature so that it can be 
45 determined if the short-distance ID has been altered. It 
is also acceptable to measure if the transmission to the 
short-distance ID managing unit 43, 53 is accomplished 
within a prescribed amount of time. 
[0096] Next, it is determined if the number of short- 
so distance IDs registered in the short-distance ID manag- 
ing unit 43, 53 is below a prescribed number N (step 
S79). If the number of short-distance IDs is below the 
prescribed number, the short-distance ID is registered. 
If the number of short-distance IDs is already the pre- 
ss scribed number N, it is acceptable to register the new 
short-distance ID after deleting the short-distance ID 
that was registered the longest ago or another short-dis- 
tance ID as described previously. 
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[0097] After the completing the steps just described, 
registration mode ends for the short-distance wireless 
device 4 and the sending device 2a (or receiving device 
3a) and the user is notified that registration mode has 
ended by a beep sound or an indication presented on a s 
display (steps S80 to SB3). 

[0098] The sending device 2a and the receiving de- 
vice 3a register the short-distance ID in their respective 
short-distance ID managing units 43, 53. A predeter- 
mined number N of IDs can be registered in the short- io 
distance ID managing units 43, 53. The value of N can 
be selected to be 1 or some other value, such as 2, 4, 
8, or 16. Although it is feasible to configure the system 
such that when there is a request to register a new short- 
distance ID and the maximum number N of short-dis- ^5 
tance IDs has already been registered, the new short- 
distance ID Is registered after taking such a measure as 
deleting the short-distance ID that was registered the 
longest ago, the basic idea is to deny any registrations 
of new IDs beyond the prescribed number N. 20 
[0099] The registration processing of the short-dis- 
tance ID managing units 43, 53 is executed separately 
by the sending device 2a and the receiving device 3a, 
respectively. In other words, the sending device 2a and 
the receiving device 3a each execute the short-distance 
ID registration using the same short-distance wireless 
device 4. It is preferable that it be possible to confinri 
that the sending device 2a and the receiving device 3a 
are close to each other when the registrations are per- 
fonmed. Othenwise. it will be possible for the short-dis- 30 
tance ID to registered using the same short-distance 
wireless device 4 at different times and locations with 
respect to the sending device 2a and the receiving de- 
vice 3a, respectively (for example, the ID could be reg- 
istered to the sending device 2a in Tokyo and to the re- 35 
ceiving device 3a in Osaka). As a result, it would be pos- 
sible to accomplish remote communication between ar- 
bitrary remote locations. 

[0100] Thus, It is acceptable to provide a measuring 
unit 69 inside the short-distance wireless device 4 as 40 
shown in Figure 1 3 so that the registration tasks execut- 
ed by the sending device 2a and the receiving device 
3a are disallowed if they are not executed in succession 
and completed within several minutes. 
[0101] Another option is to provide a GPS (global po- 
sitloning system) inside the short-distance wireless de- 
vice 4 and disallow registration of the short-distance ID 
when it can be estimated that the distance between the 
sending device 2a and the receiving device 3a is greater 
than a prescribed distance. 50 
[0102] Still another option is to provide RTT measur- 
ing units 47, 57 for measuring the RTT (round trip time) 
in the ID registration processing units 44, 54 of the send- 
ing'device 2a and the receiving device 3a as shown in 
Figures 10 and 11 , use said measuring units 47, 57 to 55 
measure if the time required (RTF) for the data transac- 
tion with the remote control device or the wireless tag 
device is less than a prescribed amount of time, and dis- 



allow registration of the short-distance ID if the RTT Is 
not less Xh^n the prescribed amount of time. The RTT 
measuring units 47, 57 are configured to, for example, 
send a prescribed packet to the short-distance wireless 
device 4 and measure the round trip time required for a 
response packet to come back. The distance to the 
short-distance wireless device 4 can be estimated 
based on the RTT measurement result. 
[0103] Still another option is to provide measuring 
units in of the ID registration processing units 44, 54 of 
the sending devce 2a and the receiving device 3a, re- 
spectively, and check if the data transaction with the re- 
mote control device or the wireless tag device is com- 
pleted within a prescribed amount of time (RTT). If not, 
registration of the short-distance ID is disallowed. 
[01 04] Figure 1 6 is a sequence diagram of the authen- 
tication and key exchange processing and the send 
processing for registration of the short-distance ID. 
First, the short-distance wireless device 4 sends a trig- 
ger to the sending device 2a (or receiving device 3a) 
requesting that registration processing start (step S1 1 1 ). 
Then, the ID registration processing unit 44 (or 54) of 
the sending devk^e 2a (or receiving device 3a) starts a 
timer inside the RTT measuring unit 47 (or 57) (step 
S112) and sends a command for measuring the round 
trip time (RTT) to the short-distance wireless device 4 
(step S1 13). It is acceptable for a random value An se- 
lected by the short-distance wireless devk:e 4 to be 
transmitted along with the command. Upon receiving 
the command, the short-distance wireless device 4 im- 
mediately sends a reply to the sending devtoe 2a (or re- 
ceiving device 3a) (step S1 1 4) . It is acceptable for a ran- 
dom value Bn selected by the sending devk:e 2a (or re- 
mote control device (short-distance wireless device 4)) 
to be transmitted along with the reply. 
[0105] Upon receiving the reply, the sending devrce 
2a (or receh/ing device 3a) uses the timer Inside the RTT 
measuring unit 47 (or 57) to measure the RTT (step 
S115). If the measured value is less than a predeter- 
mined value (e.g., several milliseconds), the distance 
between the short-distance wireless device 4 and the 
sending device 2a (or receiving device 3a) is recognized 
to be smaller than a prescribed distance and the subse- 
quent authentication and key exchange processing cal- 
culating or sharing content key to encrypt the AV data 
Is allowed. If the RTT Is equal to or greater than the pre- 
determined time value, the distance between the short- 
distance wireless device 4 and the sending device 2a 
(or receiving device 3a) is recognized to be equal to or 
larger than the prescribed distance (i.e., there is the pos- 
sibility that the devices are arranged remotely from each 
other and are communicating through a public network) 
and the subsequent authentication and key exchange 
processing calculating or sharing content key to encrypt 
the AV data is disallowed. The measurement of the RTT 
Is accomplished using a sequence in which encryption 
computations and hashing computations do not occur. 
Consequently, the measurement Is advantageous in 
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that an RTT value close to the true value can be meas- 
ured without taking into consideration the time required 
for encryption and hashing computations. 
[0106] Although in this embodiment the sending de- 
vice 2a (or receiving device 3a) conducts the RTT meas- 
urement, It is also acceptable to reverse the direction of 
the sequence so that the short-distance wireless device 
4 measures the RZT. It is also feasible to use a se- 
quence in which both the sending device 2a (or receiv- 
ing device 3a) and the short-distance wireless device 4 
measure the RTT. 

[01 07] Next, the short-distance wireless device 4 and 
the sending device 2a (or receiving device 3a) begin the 
authentication and key exchange processing. In this 
embodiment, the processing is accomplished using ex- 
tended (enhanced) restricted authentication, which has 
already been standardized in DTCP standards. More 
specifically, the sending device 2a (or receiving device 
3a) sends a key selection vector Aksv to the short-dis- 
tance wireless device 4 (step S1 16) and the short-dis- 
tance wireless device 4 sends its device certificate 
(Bcert) and a key selection vector (Bksv) to the sending 
device 2a (or receiving device 3a) (step S1 1 7). Then the 
two devices calculate the value of R and R' by following 
predetermined computational operations (steps S1 18 
and S119). 

[0108] I n the computations, SHA-1 is a predetermined 
hash function. The value of R computed by the short- 
distance wireless device 4 is sent to the sending device 
2a (or receiving device 3a) (step S120). 
[01 09] The sending device 2a (or receiving device 3a) 
compares the value of R' that it calculated to the value 
of R that was sent from the short-distance wireless de- 
vice 4 (step SI 21). If the values match, the authentba- 
tion and key exchange is deemed a success and the 
authentication key Kauth is computed (steps S122 and 

51 23) . Since the sending device 2a (or receiving device 
3a) can hold the same authentication key value Kauth, 
the short distance wireless device 4 sends the short-dis- 
tance ID value (AA) to the sending device 2a (or receiv- 
ing device 3a) using that value Kauth as a key (step 

5124) . Feasible methods include, for example, using 
the XOR of the short-distance ID and the value of Kauth 
and sending the result of an encryption computation that 
uses the value of Kauth as a key. 

[01 1 0] Since the extended restricted authentication of 
DTCP is provided with a mechanism to revoke a devk:e, 
it is possible for the sending device 2a (or receiving de- 
vice 3a) to deny (revoke) transactions from a particular 
short-distance wireless device 4. 

[0111] See the DTCP standards listed at http://www. 
dtcp.com for details regarding the extended restricted 
authentication procedure of DTCP. 
[0112] Figure 17 is a sequence diagram showing the 
processing steps for transmitting AV data between the 
sending device 2a and the receiving device 3a. In this 
embodiment, it is assumed that the same short-distance 
ID (= AA) is registered in the short-distance IDmanaging 



units 43, 53 of both the sending device 2a (whk^h is as- 
sumed to have devbe ID = a) and the receiving device 
3a (whfch is assumed to have device ID = b), respec- 
tively 

[01 13] The receiving device 3a requests the sending 
devbe 2a for authentrcatlon and key exchange by send- 
ing notification of its own device ID (= b) and the short- 
distance ID (= AA) (step S91). 

[0114] Upon receiving the request, the sending de- 
vice 2a confirms that the short-distance ID AA is regis- 
tered in its short-distance ID managing unit (step S92) 
and requests the receiving device 3a for authentication 
and key exchange by sending notification of its own de- 
vice ID (= a) and the short-distance ID (= AA) (step S93). 
[0115] Upon receiving this request, the receiving de- 
vice 3a confirms that the short-distance ID AA is regis- 
tered In its short-distance ID managing unit (step S94), 
and authentication and key exchange is executed be- 
tween the sending device 2a and the receiving devk;e 
3a. 

[0116] If the authentication and key exchange suc- 
ceeds, the sending device 2a and receiving device 3a 
will share a common content encryption key (steps S96 
and S97). The sending device 2a uses this key to en- 
crypt the AV data (step S98) and sends the encrypted 
AV data to the receiving device 3a (step S99). The re- 
ceiving device 3a uses the content encryption key to de- 
crypt the received AV data ( step SI 00). 
[01 17] It is also feasible to use a method in which the 
short-distance ID is used as an input to the computation 
of the content encryption key. 

[0118] Figure 18 is a sequence diagram showing the 
processing steps for a case in which the short-distance 
ID (= AA) sent from the receiving device 3a in the pre- 
viously described step S91 is not registered in the short- 
distance ID managing unit 43 of the sending device 2a. 
The sending device 2a confirms that the short distance 
ID (= AA) is not registered in the short-distance ID man- 
aging unit 43 and urges the user to registered the short- 
distance ID using a beep sound or the like (step SI 01). 
[01 19] Figure 1 9 is a sequence diagram showing an- 
other example of the processing steps for transmitting 
AV data between the sending device 2a and the receiv- 
ing device 3a. In this example, the processing up to the 
step where the content encryption key is shared by the 
sending device 2a and the receiving device 3a (steps 
S131 to S134) is the same as the DTCP authentication 
and key exchange processing shown in Figure 17. 
Then, one or both of the devices confirms the value of 
the short-distance ID, Since there are no changes to the 
DTCP authentication and key exchange procedure, this 
arrangement has the merit that the conventional com- 
mands can be used as is by merely preparing additional 
commands for executing the short-distance ID transac- 
tions. 

[0120] In this embodiment, the short-distance ID con- 
finnation is earned out at the beginning part of the 
processing AKE (authentication and key exchange) pro- 
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tocol. It is also acceptable such that the short-distance 
ID confirmation is carried out before the processing of 
AKE protocol, during the processing of the AKE proto- 
col, or at the ending part of the processing AKE protocol. 

(Fourth Embodiment) 

[0121] In the third embodiment, the ID registration 
was accomplished using a short-distance wireless de- 
vice. In the fourth embodiment, instead of a short-dis- 
tance wireless device, an IC card (contact-type IC card), 
memory card, or other detachable storage device is 
used to accomplish the ID registration. In this explana- 
tion, an ICcard refersto.for example, aplastic card hav- 
ing a built-in tC and the size of a credit card or a stamp. 
A memory card refers to, for example, a PCMCIA mem- 
ory card or such a memory card of the type represented 
by SD cards and memory sticks. The memory card is 
not limited lo having a card-like shape and can be any 
memory device capable of being attached and de- 
tached, such as a USB key. 

[01 22] Figure 20 is a block diagram showing an infor- 
mation communication system in accordance with the 
fourth embodiment of the present invention. Figure 21 
is a block diagram showing an example of the internal 
features of the sending device 2b indicated in Figure 20 
and Figure 22 is a block diagram showing an example 
of the internal features of the receiving device 3b shown 
in Figure 20. The difference with respect to the third em- 
bodiment Is that instead of registering the ID using a 
short-distance wireless device, such as an infrared re- 
mote control or a wireless tag, the ID is registered using 
an IC card or a memory card (hereinafter referred to col- 
lectively as "IC card") 5. 

[01 23] The sending devbe 2b and receiving device 3b 
of this embodiment are different from the sending device 
2a and receiving device 3a of the third embodiment In 
that they are each provided with an IC card interface unit 
31 , 32 and an IC card authentication and key exchange 
processing unit 33, 34 (Figures 21 and 22) instead of a 
short-distance wireless interface and a short-distance 
wireless authentication and key exchange processing 
unit. 

[0124] The sending device 2b and the receiving de- 
vice 3b each communicate with the IC card 5 through 
their respective IC card interface units 31, 32 and reg- 
ister the globally unique ID (short-distance ID) transmit- 
ted from the IC card 6. The feature that AV data can only 
be transmitted between a sending device 2b and a re- 
ceiving device 3b in which the same short-distance ID 
has been registered is the same as the third embodi- 
ment. 

[0125] Each IC card has a short-distance ID. The IC 
card is set into an IC card throttle (IC card interface unit) 
of the sending device 2b or receiving device 3b and the 
short-distance ID is transmitted. Since the ID transmis- 
sion cannot take place unless the IC card physically ex- 
ists in the interface unit, remote registration is believed 



to be impossible. 

[0126] Figure 23 is a block diagram showing an ex- 
ample of the internal features of an IC card. The IC card 
shown in Figure 23 is provided with the following: an IC 

5 card interface unit 81, an AV device initialization 
processing unit 82 for initializing the AV device; a short- 
distance ID recording unit 83 configured to record the 
short-distance ID of the IC card; an ID registration 
processing unit 84 configured to control the registration 

10 of IDs to the short-distance ID recording unit 83; a reg- 
istration counter 85 configured to measure the number 
times recording of the short-distance ID to the short-dis- 
tance ID recording unit 83 takes place; a short-distance 
wireless authentication and key exchange processing 

15 unit 86 configured to execute authentication and key ex- 
change between the sending device 2b and the receiv- 
ing device 3b. 

[01 27] It is acceptable such that the short-distance ID 
confirmation is carried out before the processing of AKE 

20 protocol, during the processing of the AKE protocol, or 
at the ending part of the processing AKE protocol. 
[01 28] It is acceptable for the IC card shown in Figure 
23 to include other functions, such as a memory card 
function. In such a case, the IC card will be provided 

25 with a memory unit and functions for executing other 
functions. 

[0129] The short-distance ID registration processing 
steps, registration sequence, and internal operations of 
the fourth embodiment are the same as in the third em- 
30 bodlment and the operational effects achieved are the 
same as with the third ennbodiment. 

(Fifth Embodiment) 

35 [0130] In the fourth embodiment, the registration of 
the IDs is accomplished using an ID card or a memory 
card. Some digital AV devices are provided with an ID 
card interface unit and configured such that they cannot 
be used as an AV device unless the ID card is inserted. 

40 One example of such a device is the B-CAS card widely 
used in Japan for digital broadcasting. The card is pro- 
vided with a functions for receiving scrambled content 
from a digital broadcast and descrambling and output- 
ting the content and a function for using an Internal ID 

45 number (different from the short-distance ID) to confirm 
the receiver. 

[0131] Since all digital broadcast devices are provid- 
ed with such an IC card interface unit, it would be a con- 
venient arrangement to use the IC card interface both 

so for the aforementioned ID card and for an IC card con- 
figured to write a short-distance ID in accordance with 
the embodiment of the present invention. This embodi- 
ment is contrived to realize such an arrangement. 
[0132] Figure 24 is a block diagram showing an infor- 

55 mation communication system in accordance with the 
fifth embodiment of the present Invention. Figure 25 is 
a block diagram showing an example of the internal fea- 
tures of the receiving device 3c indicated in Figure 24. 
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The information communication system shown in Figure 
24 is generally the same as the information communi- 
cation system shown In Figure 20 except that instead of 
using an ID card (or memory card), the information com- 
munication system shown In Figure 24 uses a B-CAS 
card. 

[0133] The information communication system shown 
In Figure 24 is provided with a sending device 2c, a re- 
ceiving device 3c, and a B-CAS card 6 that can be in- 
serted Into the sending device 2c and the receiving de- 
vice 3c. 

[01 34] In this embodiment, the receiving device 3c is 
a device (e.g., a display) equipped with a digital broad- 
cast receiving function. 

[0135] As shown in Figure 25, the receiving device 3c 
has a B-CAS card interface unit 35 and a B-CAS card 
authentication/key exchange processing unit 36. It Is al- 
so acceptable for the sending device 2c to have a 
B-CAS card Interface unit and a B-CAS card authenti- 
cation/key exchange processing unit. 
[0136] The B-CAS card Interface unit 35 has the dis- 
tance required for registering the short-distance ID and 
Is provided with the characteristic functions of B-CAS 
cards described previously (e.g., scramble processing 
and receiver confirmation functions). 
[0137] Figure 26 is a block diagram showing an ex- 
ample of the internal features of a B-CAS card 6. The 
B-CAS card shown in Figure 26 Is provided with a 
B-CAS card interface unit 91 , a B-CAS processing unit 
92. an AV device initialization processing unit 93, a 
short-distance wireless authentication and key ex- 
change processing unit 94, an ID registration process- 
ing unit 95, a registration counter 96, and a short-dis- 
tance ID recording unit 97. 

[0138] The B-CAS card 6 differs from the ID card de- 
scribed in the fourth embodiment In that it is provided 
with a B-CAS card interface 91 and a B-CAS processing 
unit 92 for realizing the characteristic functions of B-CAS 
cards (e.g., scramble processing and receiver confimna- 
tlon functions). 

[0139] The short-distance ID registration processing 
steps, registration sequence, and internal operations of 
the fifth embodiment are the same as in the third and 
fourth embodiments. 

[0140] In the third to fifth embodiments, AV data can 
be sent from the sending device 2 to the receiving device 
3 only when the same short-distance wireless device 4 
has registered the short-distance ID to both the sending 
device 2 and the receiving device 3. Thus, an arrange- 
ment can be achieved in which AV data is allowed to be 
transmitted only to specific sending devices 2 and re- 
ceiving devices 3 and the copyrights of the AV data can 
be reliably protected. 

[0141] By restricting the number of times the short- 
distance ID can be registered from the short-distance 
wireless device 4 to the sending device 2 (or receiving 
device 3), the illicit acquisition of AV data by means of 
the illicit use of the short-distance wireless device 4 can 



26 

be prevented. 

[0142] Additionally, by setting the time interval during 
which the short-distance ID must be registered to the 
sending device 2 and the receiving device 3 to a pre- 

5 scribed amount of time, registration of the short-dis- 
tance ID to a sending device 2 or receiving device 3 po- 
sitioned in a remote location can be prevented. 
[0143] Since the short-distance ID cannot be regis- 
tered unless the user Is close to the sending device 2 

10 (or receiving device 3) and performs such tasks as op- 
erating a button when sending the short-distance ID 
from the short-distance wireless device 4 to the sending 
device 2 (or receiving devce 3), an arrangement can be 
achieved in which the short-distance ID can be regls- 

is tered only to sending devices (or receiving devices 3) 
that are close to the user. 

[0144] Although all of the previously described em- 
bodiments concern the transmission of AV data that re- 
quires copyright protection, the present invention can al- 
20 so be applied to the transmission of various other types 
of content (electronic data) that require copyright pro- 
tection. 

[01 45] The internal features of the sending devices 2, 
2a, 2b, 2c and receiving devices 3, 3a, 3b, 3c described 
in Figure 2 and other figures are merely examples. It is 
also accepted for the previously described sending de- 
vices to be provided with the functions of a receiving 
device and/or for the receiving device to be provided 
with the functions of a sending device. 

30 [0146] A transmission control program in accordance 
with the embodiment of the present invention is a com- 
puter program created to achieve the previously de- 
scribed processing and stored in a memory device pro- 
vided in an infomriation communication device or an in- 

35 formation communication system. A processing unit 
provided in the infomnation communication device or in- 
formation communication system can read the compu- 
ter program from the memory device and execute it to 
accomplish the previously described Information com- 

40 munication processing. 

[0147] As described in detail heretofore, an informa- 
tion communication device in accordance with the 
present invention does not register the device identifi- 
cation information of another communication device un- 

45 less the other communication device is connected to a 
network having a limited range. Consequently, it is pos- 
sible to limit the transmission destinations to which elec- 
tronic data can be sent and to provide reliable copyright 
protectk>n for the electronic data. 

50 [0148] The invention may be embodied in other spe- 
cific fomns without departing from the spirit or essential 
characteristics thereof. The present embodiment is 
therefore to be considered In all respects as illustrative 
and not restrictive, the scope of the invention being in- 

55 dicated by the appended claims rather than by the fore- 
going description, and all changes which come within 
the meaning and range of equivalency of the claims are 
therefore intended to be embraced therein. 
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Claims 

1 . An information communication device for transmit- 
ting electronic data encrypted for the purpose of 
copyright protection, the device comprising: 

an identification information managing unit con- 
figured to hoid device identification Infomnation 
in connection with other information communi- 
cation devices acquired through a network; 
an ID registration processing unit configured to 
register the device identification Information of. 
another communication device when the other 
communication device satisfies a predeter- 
mined distance condition or when common 
identification information that is held by both in- 
formation communication devices is received 
from a-portable device; and an authentication 
and l<ey exchange processing unit configured 
to, for the purpose of copyright protection, com- 
plete authentication and icey exchange process 
(AKE process) only when another information 
communication device whose device identifica- 
tion information is registered in the identifica- 
tion information managing unit. 

2. The information communication device as claimed 
in claim 1 , further comprising a measuring unit con- 
figured to measure if another information commu- 
nication device satisfies a predetemnined distance 
condition, 

wherein the ID registration processing unit is 
configured to register the device Identification Infor- 
mation of another information communication de- 
vice when the measurement result of the measuring 
unit indicates that the other Information communi- 
cation device satisfies the predetermined distance 
condition. 

3. The information communication device as claimed 
in claim 2, 

wherein the measuring unit is configured to 
determine rf the time duration from when a request 
for sending infomnation Is sent to another Infomia- 
tion communication device until when the Infonna- 
tlon Is received from the other information commu- 
nication device is within a predetenmined amount of 
time; and 

the ID registration processing unit is config- 
ured to register the device identification information 
of another information communication device when 
the measuring unit determines that said time dura- 
tion is within the predetenmined amount of time. 

4. The information communication device as claimed 
In claim 1 , 

wherein the ID registration processing unit is 
configured to issue a registration request to another 



infonmation comnunicatlon device and register the 
device identification information of the other infor- 
mation communication device to the identification 
Infonmation managing unit when the other informa- 
5 tion is recognized to be connected to a network hav- 
ing a prescribed limited range. 

5. The Information communication device as claimed 
in claim 4, further comprising an interface unit con- 
to nected to a local networic, 

wherein the ID registration processing unit is 
configured to register the device identification infor- 
mation of the other infonnation communication de- 
vice to the identification infomnation managing unit 
15 when the other information communication device 
is connected directly to the local network. 

6. The Information communication device as claimed 
in claim 4, 

20 wherein the ID registration processing unit is con- 
figured such that, when the number of device iden- 
tification infomnation entries registered in the iden- 
tification information managing unit reaches a pre- 
determined upper limit, further registration of device 

25 ■ identification information is denied or a new device 
identification information entry is registered after 
deleting the device identification information that 
was registered the longest ago and/or the device 
identification information of the registered informa- 

30 tion communication device with which communica- 
tion has not been conducted for the longest period 
of time. 

7. The Infomnation communication device as claimed 
35 in claim 4, further comprising an authentication and 

key exchange request receiving unit configured to 
receive authentication and key exchange requests 
from other infonmation communteation devices, 

wherein the ID registration processing unit Is 

40 configured to register the device identification infor- 
mation of another information communication de- 
vice to the identification Information managing unit 
after the authentication and key exchange request 
receiving unit has received a request for authenti- 

45 cation and key exchange. 

8. The information communication device as claimed 
in claim 4, 

wherein when the device identification information 
50 of another information communication device is 
registered to the identification information manag- 
ing unit, the communkiation, for AKE process and/ 
or RTT measuring process, with the other Informa- 
tion communication device is accomplished using 
55 data link layer frames or physical layer frames. 

9. The information communication device as claimed 
in claim 8, the authentication and key exchange ex- 
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ecuted by the authentication and Icey exchange 
processing unit is accomplished using IP (internet 
protocol) packets. 

10. An infomnation communication system for transmit- 
ting electronic data encrypted for the purpose of 
copyright protection, the system comprising: 

a sending device; and 

a receiving device configured to receive elec- 
tronic data encrypted for the purpose of copy- 
right protection and sent from the sending de- 
vice, 

wherein at least one of the sending device and 
the receiving device comprises: 

an identification information managing unit con- 
figured lo hold device identification information 
regarding another device acquired through a 
network; 

an ID registration processing unit configured to 
register the device identification infomnation of 
another device when the other device Is recog- 
nized to be connected to a network having a 
prescribed limited range; and 
an authentication and key exchange process- 
ing unit configured to complete AKE process 
only when another Information communication 
device whose device Identification Infomnation 
is registered in the identification Information 
managing unit. 

11. A computer program product comprising a compu- 
ter useable medium having computer program logic 
recorded thereon for enabling a processor to control 
transmission of electronic data encrypted for the 
purpose of copyright protection, the computer pro- 
gram product comprising: 

a sending procedure that enables the proces- 
sor to send a request packet to another device 
with which communication is to be conducted; 
a receiving procedure that enables the proces- 
sor to receive a response packet from another 
device; 

a determining procedure that enables the proc- 
essor to detennine if another infonmation com- 
munication device is connected to a network 
having a prescribed limited range based on the 
received device ID response packet; 
a registration procedure that enables the proc- 
essor to register the devk^e identification infor- 
mation of another information communication 
device when it is determined that the other In- 
fonnation communication device is connected 
to a network having a prescribed limited range; 
and . 



an authentication and key exchange procedure 
that enables the processor to, for the purpose 
of copyright protection, complete AKE process 
only when another Infomnation communication 
5 device whose device identification information 

is registered in the registration procedure. 

12. An information communication device for transmit- 
ting electronic data encrypted for the purpose of 

10 copyright protection to another information commu- 
nication devbe through a network, the device com- 
prising: 

a first interface unit that is connected to the net- 

15 work; 

a second interface unit configured to receive 
unique identification information sent from an 
identification information sending device that is 
capable of communteating with the information 

20 communication device; 

an identification information managing unit con- 
figured to hold said unique Identlfteation infor- 
mation after it Is received; 
an identification information registration 

25 processing unit configured to register said 

unique identification information to the identifi- 
cation information managing unit and deter- 
mine if the unique identification information is 
registered in another device; and 

50 a first authentication and key exchange 

processing unit configured to complete authen- 
tication of and key exchange with another infor- 
mation communicatbn device for the purpose 
of copyright protectfon when it is determined 

35 that the unique Identification infomnation is reg- 

istered In the other Infomnation communication 
devk^e. 

13. The information communication device as claimed 
40 In claim 12, wherein the second Interface unit re- 
ceives electronic data transmitted through the sec- 
ond interface unit include encrypted data. 

14. The Information communication device as claimed 
45 in claim 12, further comprising: 

a registration start directive issuing unit config- 
ured to issue a directive for starting registration 
of the unique identifk^ation information. 
50 the Identification information registration 

processing unit being configured to execute 
registration processing when the directive has 
been issued from registration start directive is- 
suing unit. 

55 

15. The information communication device as claimed 
in claim 12, further comprising a power supply con- 
trol unit configured to. deliver power supply voltage 
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to the second interface unit when the identification 
information registration processing unit is executing 
registration processing. 

16. The information communication device as claimed s 
in claim 12. further comprising: 

a second authentication and Icey exchange 
processing unit configured to execute authen- 
tication and key exchange with respect to the io 
identification information sending device 
through the second interface unit, 
the identification infomnation registration 
processing unit configured to execute registra- 
tion processing with respect to the identification is 
information sending device when the second 
authentication and key exchange processing 
. unit has successfully completed Its authentica- 
tion and Icey exchange with respect to the iden- 
tification information sending device. 20 

17. The information communication device as claimed 
in claim 16, further comprising: 

a measuring unit configured to measure the 25 
round trip time between sending a specific 
packet to the identification information sending 
device and receiving a corresponding response 
packet from the identification inf onnation send- 
ing device, 30 
the second authentication and key exchange 
processing unit being configured to complete 
authentication and exchange processing when 
the round trip time measured by the measuring 
device is less than a prescribed amount of time. 35 

18. The information communication device as claimed 
in claim 17, wherein the Identification information 
registration processing unit starts registration 
processing after the measuring unit has completed 
measuring the round trip time. 

19. The Information communication device as claimed 
in claim 12, further comprising a registration notify- 
ing unit configured to notify a user that the identifi- ^5 
cation information registration processing unit has 
registered the unique identifcatlon information. 

20. The information communication device as claimed 

in claim 12, wherein the identification information so 
registration processing unit further comprises an 
encryption communication processing unit config- 
ured to encrypt the unique identification infonmatlon 
received from the second interface unit to register 
the encrypted unique identification infomnation; and 55 

wherein the Identification lnforrr>ation manag- 
ing unit further comprises a decryption communica- 
tion processing unit configured to decrypt the en- 



crypted unique identification information sent from 
the encryption communication processing unit. 

21 . The infonmatlon communication device as claimed 
in claim 12, wherein the unk)ue identification infor- 
mation is unique to each identification information 
sending device. 

22. The Infonmation communication device as claimed 
In claim 12, wherein the identification information 
registration processing unit limits the number of dif- 
ferent unique Identification information entries that 
cdn be registered to a predetermined number. 

23. An information communication device for sending 
identification information to first and second infor- 
mation communication devices configured to trans- 
mit electron^ data encrypted for copyright protec- 
tion over a network, the Information communication 
device comprising: 

an identification infomnation holding unit config- 
ured to hold unique identification information 
that is required in order for the first and second 
information communication devices to transmit 
the electronic data which are required for cop- 
yright protection to complete authentication 
and key exchange process (AKE process); and 
a communication unit configured to send the 
unique identification information to the first and 
second communication devices. 

24. The information communication device as claimed 
in claim 23, wherein the identification information 
holding unit limits the number of identifrcatlon Infor- 
mation entries that can be held to a prescribed 
number. 

25. The information communication device as claimed 
in claim 23, wherein the communication unit is con- 
figured to perform wireless communication between 
the first and second communication devices using 
Infrared rays. 

26. The information communication device as claimed 
In claim 25, further comprising: 

a one-way infrared communication unit config- 
ured to perform one-way infrared communica- 
tion, 

wherein the aforementioned communication 
unit is a two-way infrared communication unit. 

27. The information communication device as claimed 
in claim 23. wherein the communication unit is con- 
figured to periorm wireless communication between 
the first and second communication devices using 
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electric power generated from received radio 
waves. 

28. The information communication device as claimed 
In claim 25, wherein the communication device is 
configured to perform communication between the 
using a detachable memory device. 

29. A data transmission system, comprising: 

a sending device connected to a network; 
a receiving device configured to receive elec- 
tronic data sent from the sending device 
through the network, the electronic data having 
been encrypted for the purpose of copyright 
protection; 
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essor to register the received unique identifica- 
tion infomriation; 

a detemiining procedure that enables the proc- 
essor to detemnine If the unique Identification 
infomnation is registered In another communi- 
cation device; and 

an authentication and key exchange procedure 
that enables the processor to complete authen- 
tication of and key exchange with another com- 
munication device for the purpose of copyright 
protection only when it is determined that the 
unique Identification infomriation is registered in 
the other comnunication device. 
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wherein at least one of the sending device and 
the receiving device comprises: 

a communication unit configured to communi- 
cate with an identification information sending 
device through an Interface that is separate 
from the network and receive unique identifica- 
tion information sent from the identlfteation in- 
fomriation sending device; 
an identification Information registering unit 
configured to registerthe received unique iden- 
tification Information; 

an identification infomriation registration deter- 
mining unit configured to detemnine if the 
unique Identification Information is registered in 
another communication device; and an authen- 
tication and key exchange processing unit con- 
figured to complete authentication of and key 
exchange with another communication device 
for the purpose of copyright protection only 
when It is detemnined that the unique identifica- 
tion infonmation is registered in the other con- 
nmunication device. 
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30. A computer program product comprising a compu- 
ter useable medium having a computer program 
logic recorded thereon for enabling a processor to 
control the transmission of electronic data between ^5 
a sending device connected to a network and a re- 
ceiving device configured to receive electronic data 
encrypted for the purpose of copyright protection 
and sent from the sending devk:e through the net- 
work, the computer program product comprising: so 

a receiving procedure that enables the proces- 
sor to communicate with an identification infor- 
mation sending device through an interface that 
Is separate from the network and receive 55 
unique identification infonnation sent from the 
Identification information sending device; 
a registration procedure that enables the proc- 
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